No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fit AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ecc local-key-pair create

ecc local-key-pair create

Function

The ecc local-key-pair create command generates a local Elliptic Curves Cryptography (ECC) host key pair.

By default, no local ECC host key pair exists in the system.

Format

ecc local-key-pair create

Parameters

None

Views

System view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

A local key pair is a prerequisite to a successful SSH login. Compared with the RSA algorithm used by the rsa local-key-pair create command, the ECC algorithm shortens the key length, accelerates the encryption, and improves the security. The length of the server key pair and the host key pair can be 256 bits, 384 bits and 521 bits. By default, the length of the key pair is 521 bits.

Follow-up Procedure

Perform other SSH configurations.

Precautions

  • The generated ECC host key pair is named in the format of wireless access point name_Host_ECC, such as Huawei_Host_ECC.

  • The ecc local-key-pair create and ecc local-key-pair destroy commands are not saved in the configuration file. They only need to be run once and take effect even after the wireless access point restarts.

  • Do not delete the ECC key file from the wireless access point. If the ECC key file is deleted, the ECC key pair cannot be restored after the wireless access point is restarted.

Example

# Generate a local ECC host key pair.

<Huawei> system-view
[Huawei] ecc local-key-pair create
Info: The key name will be: Huawei_Host_ECC.
Info: The ECC host key named Huawei_Host_ECC already exists.
Warning: Do you want to replace it ? [Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=521]:521
Info: Generating keys...
Info: Succeeded in creating the ECC host keys.

# Enter an incorrect key length and re-enters the key length for a maximum number of retry attempts.

<Huawei> system-view
[Huawei] ecc local-key-pair create
Info: The key name will be: Huawei_Host_ECC.
Info: The ECC host key named Huawei_Host_ECC already exists.
Warning: Do you want to replace it ?[Y/N]: Y
Info: The key modulus can be any one of the following : 256, 384, 521.
Info: If the key modulus is greater than 512, it may take a few minutes.
Please input the modulus [default=521]:123
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:1024
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:512
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:2048
Error: Invalid ECC key modulus.
Please input the modulus [default=521]:4096
Error: Invalid ECC key modulus.
Error: The maximum number of retries has reached, and the command has already been canceled.
Translation
Download
Updated: 2019-07-18

Document ID: EDOC1100064353

Views: 108556

Downloads: 85

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next